CVE-2025-3616
published 2025-04-22


Priority: P2 66 | Severity: high | CVSS 3.1: 8.8
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 2.03% (78.6th percentile)

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the gspb_make_proxy_api_request() function in versions 11.4 to 11.4.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. The arbitrary file upload was sufficiently patched in 11.4.5, but a capability check was added in 11.4.6 to properly prevent unauthorized limited file uploads.

Affected (2 ranges)

Vendor        Product                                        Version range      Fixed in
greenshiftwp  greenshift_animation_and_page_builder_blocks   >= 11.4 < 11.4.6   11.4.6
wpsoul        greenshift_animation_and_page_builder_blocks   11.4 – 11.4.5